Question

What is the significance of all the users and groups?

I’m a newbie just kind of toying with setting up a web server. I found a tutorial that said to change ownership of a new domain’s directory to www-data:www-data but then I noticed the default directory was root:root.

So I now have these questions:

  1. I found that there is already a user and group called www-data but what does that mean?
  2. When someone visits the website they’re viewing it as the www-data user?
  3. Is that a default user or is it something nginx created?
  4. Does the www-data group have limited permissions or something?
Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

When a folder is “user:group” you are referring to the fact that the folder is owned by user “user” who belongs to group “group”. When a folder is created (in this case, /var/www), the ownership goes to the user who created it. When the VPS was created, it was created by the root user so the folders . You can change the ownership to www-data:www-data or you can change permissions to allow NGINX (or any program operating at www-data:www-data) certain permissions (which is a whole other topic in itself).

If you wanted to change ownership of the folder to www-data and pretty much give NGINX full access, open up the console and issue the command “chown www-data:www-data /var/www” (if you are the root user). If you aren’t the root user, you’ll need to prefix the above command with “sudo”.

If you wanted to change the permissions, that’s a much more in depth command but generally speaking, you use the command “chmod”. Google it and there are plenty of articles that will go into the permissions more in depth.

  1. It’s the user nginx runs under
  2. Nginx is viewing it as the www-data user
  3. Yes
  4. Same permissions as any non-super user